Search for vulnerabilities
Vulnerability details: VCID-x6ef-mn8c-fbdc
Vulnerability ID VCID-x6ef-mn8c-fbdc
Aliases CVE-2023-42916
Summary An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
Status Published
Exploitability 2.0
Weighted Severity 6.1
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-20 Improper Input Validation
CWE-125 Out-of-bounds Read
System Score Found at
cvssv3 6.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42916.json
epss 0.00037 https://api.first.org/data/v1/epss?cve=CVE-2023-42916
epss 0.00037 https://api.first.org/data/v1/epss?cve=CVE-2023-42916
epss 0.00037 https://api.first.org/data/v1/epss?cve=CVE-2023-42916
epss 0.00037 https://api.first.org/data/v1/epss?cve=CVE-2023-42916
epss 0.00037 https://api.first.org/data/v1/epss?cve=CVE-2023-42916
epss 0.00037 https://api.first.org/data/v1/epss?cve=CVE-2023-42916
epss 0.00037 https://api.first.org/data/v1/epss?cve=CVE-2023-42916
epss 0.00037 https://api.first.org/data/v1/epss?cve=CVE-2023-42916
epss 0.00037 https://api.first.org/data/v1/epss?cve=CVE-2023-42916
epss 0.00037 https://api.first.org/data/v1/epss?cve=CVE-2023-42916
epss 0.00037 https://api.first.org/data/v1/epss?cve=CVE-2023-42916
epss 0.00037 https://api.first.org/data/v1/epss?cve=CVE-2023-42916
epss 0.00037 https://api.first.org/data/v1/epss?cve=CVE-2023-42916
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-42916
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-42916
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-42916
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-42916
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-42916
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2023/Dec/12
ssvc Track http://seclists.org/fulldisclosure/2023/Dec/12
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2023/Dec/13
ssvc Track http://seclists.org/fulldisclosure/2023/Dec/13
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2023/Dec/3
ssvc Track http://seclists.org/fulldisclosure/2023/Dec/3
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2023/Dec/4
ssvc Track http://seclists.org/fulldisclosure/2023/Dec/4
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2023/Dec/5
ssvc Track http://seclists.org/fulldisclosure/2023/Dec/5
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2023/Dec/8
ssvc Track http://seclists.org/fulldisclosure/2023/Dec/8
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2024/Jan/35
ssvc Track http://seclists.org/fulldisclosure/2024/Jan/35
cvssv3.1 5.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 6.5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/
cvssv3.1 6.5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/
cvssv3.1 6.5 https://nvd.nist.gov/vuln/detail/CVE-2023-42916
cvssv3.1 6.5 https://security.gentoo.org/glsa/202401-04
ssvc Track https://security.gentoo.org/glsa/202401-04
cvssv3.1 6.5 https://support.apple.com/en-us/HT214031
ssvc Track https://support.apple.com/en-us/HT214031
cvssv3.1 6.5 https://support.apple.com/en-us/HT214032
ssvc Track https://support.apple.com/en-us/HT214032
cvssv3.1 6.5 https://support.apple.com/en-us/HT214033
ssvc Track https://support.apple.com/en-us/HT214033
cvssv3.1 6.5 https://support.apple.com/kb/HT214033
ssvc Track https://support.apple.com/kb/HT214033
cvssv3.1 6.5 https://support.apple.com/kb/HT214034
ssvc Track https://support.apple.com/kb/HT214034
cvssv3.1 6.5 https://support.apple.com/kb/HT214062
ssvc Track https://support.apple.com/kb/HT214062
cvssv3.1 6.5 https://www.debian.org/security/2023/dsa-5575
ssvc Track https://www.debian.org/security/2023/dsa-5575
cvssv3.1 6.5 http://www.openwall.com/lists/oss-security/2023/12/05/1
ssvc Track http://www.openwall.com/lists/oss-security/2023/12/05/1
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42916.json
https://api.first.org/data/v1/epss?cve=CVE-2023-42916
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42916
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42917
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1 http://www.openwall.com/lists/oss-security/2023/12/05/1
12 http://seclists.org/fulldisclosure/2023/Dec/12
13 http://seclists.org/fulldisclosure/2023/Dec/13
202401-04 https://security.gentoo.org/glsa/202401-04
2253054 https://bugzilla.redhat.com/show_bug.cgi?id=2253054
3 http://seclists.org/fulldisclosure/2023/Dec/3
35 http://seclists.org/fulldisclosure/2024/Jan/35
4 http://seclists.org/fulldisclosure/2023/Dec/4
5 http://seclists.org/fulldisclosure/2023/Dec/5
8 http://seclists.org/fulldisclosure/2023/Dec/8
AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:a:webkitgtk:webkitgtk\+:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:webkitgtk:webkitgtk\+:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
CVE-2023-42916 https://nvd.nist.gov/vuln/detail/CVE-2023-42916
dsa-5575 https://www.debian.org/security/2023/dsa-5575
HT214031 https://support.apple.com/en-us/HT214031
HT214032 https://support.apple.com/en-us/HT214032
HT214033 https://support.apple.com/en-us/HT214033
HT214033 https://support.apple.com/kb/HT214033
HT214034 https://support.apple.com/kb/HT214034
HT214062 https://support.apple.com/kb/HT214062
P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/
RHSA-2023:4201 https://access.redhat.com/errata/RHSA-2023:4201
RHSA-2023:4202 https://access.redhat.com/errata/RHSA-2023:4202
RHSA-2025:10364 https://access.redhat.com/errata/RHSA-2025:10364
USN-6545-1 https://usn.ubuntu.com/6545-1/
Data source KEV
Date added Dec. 4, 2023
Description Apple iOS, iPadOS, macOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Required action Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Due date Dec. 25, 2023
Note 
https://support.apple.com/en-us/HT214031, https://support.apple.com/en-us/HT214032, https://support.apple.com/en-us/HT214033 ;  https://nvd.nist.gov/vuln/detail/CVE-2023-42916
Ransomware campaign use Unknown
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42916.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2023/Dec/12
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-02T05:00:18Z/ Found at http://seclists.org/fulldisclosure/2023/Dec/12
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2023/Dec/13
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-02T05:00:18Z/ Found at http://seclists.org/fulldisclosure/2023/Dec/13
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2023/Dec/3
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-02T05:00:18Z/ Found at http://seclists.org/fulldisclosure/2023/Dec/3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2023/Dec/4
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-02T05:00:18Z/ Found at http://seclists.org/fulldisclosure/2023/Dec/4
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2023/Dec/5
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-02T05:00:18Z/ Found at http://seclists.org/fulldisclosure/2023/Dec/5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2023/Dec/8
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-02T05:00:18Z/ Found at http://seclists.org/fulldisclosure/2023/Dec/8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2024/Jan/35
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-02T05:00:18Z/ Found at http://seclists.org/fulldisclosure/2024/Jan/35
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-02T05:00:18Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-02T05:00:18Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2023-42916
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://security.gentoo.org/glsa/202401-04
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-02T05:00:18Z/ Found at https://security.gentoo.org/glsa/202401-04
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT214031
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-02T05:00:18Z/ Found at https://support.apple.com/en-us/HT214031
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT214032
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-02T05:00:18Z/ Found at https://support.apple.com/en-us/HT214032
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT214033
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-02T05:00:18Z/ Found at https://support.apple.com/en-us/HT214033
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/kb/HT214033
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-02T05:00:18Z/ Found at https://support.apple.com/kb/HT214033
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/kb/HT214034
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-02T05:00:18Z/ Found at https://support.apple.com/kb/HT214034
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/kb/HT214062
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-02T05:00:18Z/ Found at https://support.apple.com/kb/HT214062
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://www.debian.org/security/2023/dsa-5575
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-02T05:00:18Z/ Found at https://www.debian.org/security/2023/dsa-5575
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://www.openwall.com/lists/oss-security/2023/12/05/1
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-02T05:00:18Z/ Found at http://www.openwall.com/lists/oss-security/2023/12/05/1
Exploit Prediction Scoring System (EPSS)
Percentile 0.09751
EPSS Score 0.00037
Published At Aug. 3, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:43:22.055739+00:00 Ubuntu USN Importer Import https://usn.ubuntu.com/6545-1/ 37.0.0